I think it would be beneficial to integrate something like ACME let's encrypt certificates as we're serving web content. The h0neytr4p could also handle unexpected TLS connections more gracefully to continue to capture traffic/data even with handshake issues.
2025/07/28 18:26:35 http: TLS handshake error from [REDACTED]:34850: read tcp [REDACTED]:443->[REDACTED]:34850: read: connection reset by peer
2025/07/28 18:26:36 http: TLS handshake error from [REDACTED]:34862: read tcp [REDACTED]:443->[REDACTED]:34862: read: connection reset by peer
2025/07/28 18:26:36 http: TLS handshake error from [REDACTED]:34864: tls: no cipher suite supported by both client and server
2025/07/28 18:26:36 http: TLS handshake error from [REDACTED]:34866: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])
2025/07/28 18:26:36 http: TLS handshake error from [REDACTED]:34874: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])
2025/07/28 18:26:36 http: TLS handshake error from [REDACTED]:34880: tls: client offered only unsupported versions: [302 301]
2025/07/28 18:26:37 http: TLS handshake error from [REDACTED]:34892: read tcp [REDACTED]:443->[REDACTED]:34892: read: connection reset by peer
2025/07/28 18:26:37 http: TLS handshake error from [REDACTED]:37962: read tcp [REDACTED]:443->[REDACTED]:37962: read: connection reset by peer
2025/07/28 18:26:37 http: TLS handshake error from [REDACTED]:37978: read tcp [REDACTED]:443->[REDACTED]:37978: read: connection reset by peer
2025/07/28 18:26:37 http: TLS handshake error from [REDACTED]:37986: read tcp [REDACTED]:443->[REDACTED]:37986: read: connection reset by peer
[2025-07-28T18:26:38Z] [Path: /favicon.ico] [Trapped: false]
2025/07/28 18:34:03 http: TLS handshake error from [REDACTED]:39606: tls: first record does not look like a TLS handshake
2025/07/28 18:34:13 http: TLS handshake error from [REDACTED]:38174: client sent an HTTP request to an HTTPS server
[2025-07-28T18:34:15Z] [Path: /] [Trapped: false]
2025/07/28 18:34:15 http: TLS handshake error from [REDACTED]:38194: client sent an HTTP request to an HTTPS server
[2025-07-28T18:35:30Z] [Path: /] [Trapped: false]
2025/07/28 18:36:18 http: TLS handshake error from [REDACTED]:55002: unexpected EOF
[2025-07-28T18:48:17Z] [Path: /.env] [Trapped: true]
2025/07/28 18:48:18 http: TLS handshake error from [REDACTED]:51912: client sent an HTTP request to an HTTPS server
[2025-07-28T18:48:19Z] [Path: /.git/config] [Trapped: true]
2025/07/28 18:48:19 http: TLS handshake error from [REDACTED]:51932: client sent an HTTP request to an HTTPS server
[2025-07-28T18:48:41Z] [Path: /] [Trapped: false]
2025/07/28 19:13:49 http: TLS handshake error from [REDACTED]:57484: client sent an HTTP request to an HTTPS server
2025/07/28 19:13:51 http: TLS handshake error from [REDACTED]:57500: client sent an HTTP request to an HTTPS server
2025/07/28 19:16:01 http: TLS handshake error from [REDACTED]:60892: tls: first record does not look like a TLS handshake
2025/07/28 19:16:10 http: TLS handshake error from [REDACTED]:60874: unexpected EOF
I think it would be beneficial to integrate something like ACME let's encrypt certificates as we're serving web content. The h0neytr4p could also handle unexpected TLS connections more gracefully to continue to capture traffic/data even with handshake issues.